System for establishing communication across firewall, has server which
establishes communication between two computers separated from
communication network by firewall
Abstract (Basic): WO 200178349 A2

NOVELTY - Client computers (101) that are separated from
communication network by firewalls (106, 113) transmit information
mutually, through a server (107), using an encrypted address
message.

DETAILED DESCRIPTION - INDEPENDENT CLAIMS are also included for the
following:

(a) Method for transmitting information; 

(b) Computer readable medium containing stored program for 
transmitting information across a network 

USE - For establishing communication between two computers across 
firewall in virtual private network (VPN) for providing Internet relay 
chat.

ADVANTAGE - Provides highly secured communication between computers 
by using encrypted message. Achieves efficient handling of internal 
data exchange functions between clients, by incorporating the server as 
the intermediate device. 

DESCRIPTION OF DRAWING(S) - The figure shows the architecture of
the communication establishment system. 

Client computer (101) 
Firewalls (106, 113) 

Server (107) 
Set  Items    Description
S1   282349   ADDRESS? ? OR URL? ? OR URI? ? OR UNIFORM () RESOURCE () LOCATOR? ?
S2   7792     (IP OR INTERNET () PROTOCOL) () ADDRESS? ?
S3   304117   LINK? ? OR HYPERLINK? ?
S4   29535    (WEB OR INTERNET OR WWW OR HTTP OR HOME) () (PAGE? ? OR SITE? ?) OR WEBPAGE? ? OR WEBSITE? ? OR HOMEPAGE? ?
S5   223148   ENCRYPT? OR ENCIPHER? OR ENCYPHER? OR ENCOD???
S6   262867   ANONYM? OR MASK??? OR HIDE? ? OR HIDING OR HIDDEN OR DISGUIS???
S7   2105820  REWRIT??? OR CHANG??? OR ALTER?????? OR MODIF??? OR MODIFICATION? ?
S8   311791   SERVER? ? OR WEBSERVER? ? OR PROXY OR PROXIES OR HOST? ?
S9   4708     (FIRST OR 1ST OR PRIMARY OR ORIGINAL) (3N) (S4 OR S8)
S10  10061    (SECOND??? OR 2ND OR NEXT OR OTHER OR ANOTHER) (3N) (S4 OR S8)
S11  1429     S5(2N)S1:S4
S12  10973    (S6:S7 OR CLOAK???) (2N) S1:S4
S13  12951    S9:S10 (2N) (S4 OR S8)
S14  161      S11:S12 AND S13
S15  1        S14 AND (FIREWALL? ? OR FIRE () WALL? ?)
S16  51       S14 AND IC=H04L
S17  31       S16 NOT AD=20000526:20030526/PR
S18  26       S17 NOT AD=20030526:20051209/PR
S19  196      ENCRYPT? (2N) S1:S2
S20  132      S19 AND IC=H04L
S21  3024     (FIREWALL? ? OR FIRE () WALL? ? OR SECURE () SERVER? ?)
S22  5        S20 AND S21
S23  60       (CLOAK??? OR DISGUIS??? OR ANONYM?) (2N)S1:S4
S24  26       S23 NOT AD=20000526:20030526/PR
S25  17       S24 NOT AD=20030526:20051209/PR
S26  17       S25 NOT (S22 OR S15 OR S18)
S27  994      S9(10N)S10
S28  12351    S1:S4 (2N) S5:S7
S29  13       S27 AND S28
S30  13       S27 AND S21
S31  26       S29:S30
S32  23       S31 NOT (S22 OR S15 OR S18 OR S26)
S33  12       S32 NOT AD=20000526:20030526/PR
S34  12       S33 NOT AD=20030526:20051209/PR
INDEPENDENT CLAIM is also included for data communication method.

USE - For communicating data network user terminal and host 
connected to different networks using data communication section, for 
on-line services and financial transaction over Internet. 

ADVANTAGE - Secures service providers hosts so that unauthorized 
access to host is prevented. Does not require installation of special 
software on user's terminals, and allows the service provider's host to 
be logically and physically located at convenient spots within service 
provider's private network without need for installing host on DMZ 
network segments. Even when physically part is provided between user 
terminal and host, logically flow of data and session establishment, 
does not allow user to directly establish service session with host, 
thereby allows effective and efficient management of host by service 
provider and decreases cost associated with providing the services. 

DESCRIPTION OF DRAWING(S) - The figure shows diagram of security
hardware arrangement.

User terminal (2) 

Host (4) 

Public network (6) 
Data communication system has secondary server that initiates
communication by establishing communication control session with primary
server before primary server sends connection request to
secondary server
Abstract (Basic): WO 200070839 A2

NOVELTY - Primary server coupled to public network (6), receives 
session establishment request from user terminal (2) and generates 
corresponding connection request. Secondary server coupled to 
primary server, establishing communication with host (4) based on
the request, initiates communications by establishing communication 
control session with primary server before the primary server sends 
connection request. 

DETAILED DESCRIPTION - The internal fire wall and external 
fire wall are coupled between primary and secondary server and 
between public network and primary server respectively. The 
internal fire wall denies all communication control section 
establishment request other than those communication control session 
establishment request which originate from secondary server. An 



DESCRIPTION OF DRAWING(S) - The drawing is a simplified diagram of
a computer network embodying the invention. 

firewall (203) 

firewall (205) 
authentication server (208) 
second authentication server (210) 
Abstract (Basic): WO 200157626 A2

NOVELTY - A communications channel connects a firewall (205) of a
first sub-network through a first encrypted protocol handler to a
second authentication server (208). A second encrypted protocol passes
information between the communications channel and a second
authentication server (210). The server of the first sub-network
passes at least some authentication requests through the second
encrypted protocol handler, the firewall, the communications channel,
and the first encrypted protocol handler to the second authentication
server.

DETAILED DESCRIPTION - An INDEPENDENT CLAIM is included for: 
(a) a method of authenticating a user and authorizing access to a 
computer network 

USE - For authenticating and authorizing users by an authentication 
server referenced by the computer system or network of computer systems 
with encrypted communications over an insecure channel. 

ADVANTAGE - Use of hypertext transfer protocol secure (HTTPS) 
encrypting/decrypting protocol handlers is particularly convenient 
because these are built into available browsers that also serve as 
terminal software for allowing an administrator to interact with the 
system. Further, HTTPS keys and certificates are well defined and 
easily administered. 
Abstract (Basic): US 6081900 A

NOVELTY - A user authentication system (126) located partially in
secure network, allows direct access with target server (104) by user,
if user is authenticated. A uniform resource locator (URL)
transformer (108) modifies non-secure to secure URLs, provided in
data sent from target server to multi-user client (112), for promoting
secure sockets layer communication between multiuser client and border
server (106).

DETAILED DESCRIPTION - Border server which is coupled to target
server by intranet, is provided in secure network (100). The multi-user
client is coupled to border server by TCP/IP link to secure sockets 
layer communication. Uniform resource location transformer is located 
in border and target servers, for tunneling software between client and 
target server through border server. INDEPENDENT CLAIM is also included 
for the following: 

(a) method for providing access to secure network; 

(b) computer storage medium for storing method of providing access 
to secure network 

USE - In computer network security of distributed computer e.g. 
LAN, WAN, Internet, Intranet, etc. 

ADVANTAGE - Provides a user who is presently at client outside the 
perimeter of secure network with convenient, efficient and secure 
address to data stored on a server located within secure network. Thus 
providing secure transmission of confidential data between target 
server and external client. Improves continued use of secure 
communication irrespective of inherent security problems caused by lack 
of state information in HTTP. Secures requirements from one web page 
to next without some assistance. Provides security without requiring 
installation of new client or target server software. 

DESCRIPTION OF DRAWING(S) - The figure shows the communication
between secure network and client outside the network. 

Network (100) 

Target server (104) 

Border server (106) 

URL transformer (108) 

Multi-user client (112) 

User authentication system (126) 
Abstract: We describe a method for accessing client/server applications
from standard World Wide Web browsers. An existing client for the system is
modified to perform HTTP proxy duties. Web browser users simply configure
their browsers to use this HTTP proxy, and can then access the system via
specially encoded URLs that the HTTP proxy intercepts and sends to
the legacy server system. An example implementation using the Oz Process
Centered Software Development Environment is presented. (18 Refs)
Set  Items    Description
S1   891674   ADDRESS?? OR URL? ? OR URI? ? OR UNIFORM () RESOURCE () LOCATOR? ?
S2   3147     (IP OR INTERNET () PROTOCOL) () ADDRESS??
S3   657699   LINK? ? OR HYPERLINK? ?
S4   537834   ENCRYPT? OR ENCIPHER? OR ENCYPHER? OR ENCOD???
S5   370961   ANONYM? OR MASK??? OR HIDE? ? OR HIDING OR HIDDEN OR DISGUIS???
S6   9115644  REWRIT??? OR CHANG??? OR ALTER?????? OR MODIF??? OR MODIFICATION? ?
S7   760476   SERVER? ? OR WEBSERVER? ? OR PROXY OR PROXIES OR HOST? ?
S8   134782   (WEB OR INTERNET OR WWW OR HTTP OR HOME) () (PAGE? ? OR SITE? ?) OR WEBPAGE? ? OR WEBSITE? ? OR HOMEPAGE? ?
S9   11584    (FIRST OR 1ST OR PRIMARY OR ORIGINAL) (3N) (S7 OR S8)
S10  21642    (SECOND??? OR 2ND OR NEXT OR OTHER OR ANOTHER) (3N) (S7 OR S8)
S11  10067    FIREWALL? ? OR FIRE () WALL? ?
S12  1019067  S1:S2 OR S8
Abstract (Basic): EP 1033854 A2

NOVELTY - The method provides a user with anonymous access to the
Internet to access services offered by Internet content providers and
allows the user to pay for his or her user selected merchandise made
available through those sites also anonymously without the Internet
site operator learning the identity of the user who ordered the
merchandise.

DETAILED DESCRIPTION - An independent claim describes a method for 
enabling a client using an alias to access service over the Internet. 

USE - For providing a system and a method for anonymous access to 
the Internet to access services offered by the content providers. 

ADVANTAGE - Allows the Internet user to visit sites on the Internet
anonymously and to pay for merchandise made available through those sites
anonymously without the Internet site operator learning the
identity of the user who ordered the merchandise.

DESCRIPTION OF DRAWING(S) - The drawing shows a data flow diagram
illustrating the various communications over the Internet. 